Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics 11.2.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-38945
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote malicious user to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
9.1
CVSSv3
CVE-2022-38708
IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack (SSRF) attack by constructing URLs from user-controlled data. This could enable malicious users to make arbitrary requests to the internal network or to the local file syst...
Ibm Cognos Analytics
Ibm Cognos Analytics 11.1.7
8.8
CVSSv3
CVE-2021-38886
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 209399.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
8.8
CVSSv3
CVE-2021-29756
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the My Inbox page which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202167.
Ibm Cognos Analytics
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
8.8
CVSSv3
CVE-2021-29745
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to. IBM X-Force ID: 201695.
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.1.7
Netapp Oncommand Insight -
8.8
CVSSv3
CVE-2021-29679
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. IBM X-Force ID: 199915.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
8.1
CVSSv3
CVE-2022-36773
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233571.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Netapp Oncommand Insight -
7.5
CVSSv3
CVE-2022-43883
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Log Injection attack by constructing URLs from user-controlled data. This could enable malicious users to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 240266....
Ibm Cognos Analytics
Ibm Cognos Analytics 11.1.7
7.5
CVSSv3
CVE-2022-30614
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flooding caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 22...
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Netapp Oncommand Insight -
7.5
CVSSv3
CVE-2021-20470
IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 196339.
Ibm Cognos Analytics
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »